20b0db1adecf4a297c64a912357b7f6b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

20b0db1adecf4a297c64a912357b7f6b
Size

35KB
MD5

20b0db1adecf4a297c64a912357b7f6b
SHA1

39a59710ce94387f8bc44dae233dd59ff707bf56
SHA256

6d3362675d310bbf01e2a0448e8c02323198958365dc28488f9b29ac2bdc2278
SHA512

f97293844c837952374bfc0a748666ccbf21c49b2d92355172666a0f9e2ff94d87b5e23b966897e5bc7cb72597c4275987ff51e711a2b3c5e456e932c2686754
SSDEEP

768:bTOTgeL4E3jDF0y6xkVgHQKjxC1CINIBj:bKTdB3n6x/wKw1CkIBj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
20b0db1adecf4a297c64a912357b7f6b

Files

20b0db1adecf4a297c64a912357b7f6b
.exe windows:4 windows x86 arch:x86

9f1f9d1e470467e1da8203dfd2b0035c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
ExitProcess
GetStartupInfoA
SystemTimeToTzSpecificLocalTime
SetCalendarInfoA
LocalFileTimeToFileTime
GetPrivateProfileStructW
CreateMailslotW
CreateWaitableTimerW
FreeUserPhysicalPages
SetComputerNameExW
SearchPathA
WriteConsoleOutputCharacterA
CreatePipe
SetFileApisToANSI
GlobalFindAtomA
GlobalAlloc
ReadConsoleInputA
lstrlen
GetConsoleCommandHistoryA
WriteProcessMemory
GetBinaryTypeA
GetThreadPriority
OpenWaitableTimerW
GetDriveTypeA
WaitNamedPipeW
SetTimerQueueTimer
SetLastConsoleEventActive
MapUserPhysicalPages

Sections

code
Size: 4KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

data
Size: 27KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

idata
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 612B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ